1 Topic by rizim

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Topic: Doubt about postscreen

==== Required information ====
- iRedMail version (check /etc/iredmail-release): 0.9.2
- Linux/BSD distribution name and version: Debian 8 Jessie 64 bit
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue: see below
====


Hello,

I enabled postscreen, looks very good but on the /var/log/mail.log I noted two warning messages:

warning: getpeername: Transport endpoint is not connected -- dropping this connection 

and

postfix/dnsblog[1870]: warning: dnsblog_query: lookup error for DNS query 180.212.85.209.list.dnswl.org: Host or domain name not found. Name service error for name=180.212.85.209.list.dnswl.org type=A: Host not found, try again

What does they means and how can I fix?
Thank you.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

*) Looks like temporary local DNS issue.
*) You can also remove list.dnswl.org in postscreen setting, check whether or not it occurs again.

3 Reply by rizim

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Re: Doubt about postscreen

Hello,

thanks for replying.
For the second problem looks like my ip isn't allowed to query dnswl

# host 2.0.0.127.list.dnswl.org
;; connection timed out; no servers could be reached

and this is the reason for which i get that error. I'm asking to dsnwl to allow my ip.

For the first point, could you please elaborate a bit more how can be a local DNS issue?

Thanks.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

rizim wrote:

warning: getpeername: Transport endpoint is not connected -- dropping this connection 

getpeername is DNS query too. But it might relates to the dnswl.org issue.

5 Reply by rizim (edited by rizim 2015-08-29 02:34:25)

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Re: Doubt about postscreen

Looks like the  second issue is now fixed.

Here's the fix:

apt-get install bind9

edit /etc/resolv.conf  remove the entry provided from the ips, in my case

nameserver 213.186.33.99

and put

namserver 127.0.0.1

restart bind.

At this point dnswl is happy to accept query from your server.
But for other problem, no luck, sometimes in log I see

warning: getpeername: Transport endpoint is not connected -- dropping this connection

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

rizim wrote:

warning: getpeername: Transport endpoint is not connected -- dropping this connection

Any log before and after this line?

7 Reply by rizim (edited by rizim 2015-08-29 17:21:36)

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Re: Doubt about postscreen

Here's a complete log:

...
Aug 29 10:34:08 mx postfix/postscreen[1938]: CONNECT from [183.80.176.46]:15814 to [37.187.198.176]:25
Aug 29 10:34:08 mx postfix/dnsblog[1940]: addr 183.80.176.46 listed by domain dnsbl.sorbs.net as 127.0.0.6
Aug 29 10:34:08 mx postfix/dnsblog[1941]: addr 183.80.176.46 listed by domain bl.spamcop.net as 127.0.0.2
Aug 29 10:34:08 mx postfix/dnsblog[1939]: addr 183.80.176.46 listed by domain zen.spamhaus.org as 127.0.0.11
Aug 29 10:34:08 mx postfix/dnsblog[1939]: addr 183.80.176.46 listed by domain zen.spamhaus.org as 127.0.0.4
Aug 29 10:34:08 mx postfix/dnsblog[1942]: addr 183.80.176.46 listed by domain b.barracudacentral.org as 127.0.0.2
Aug 29 10:34:14 mx postfix/postscreen[1938]: DNSBL rank 7 for [183.80.176.46]:15814
Aug 29 10:34:15 mx postfix/postscreen[1938]: NOQUEUE: reject: RCPT from [183.80.176.46]:15814: 550 5.7.1 Service unavailable; client [183.80.176.46] blocked using zen.spamhaus.org; from=<zc@ilg.com>, to=<aaa@someaddress.com>, proto=ESMTP, helo=<[183.80.176.46]>
Aug 29 10:34:16 mx postfix/postscreen[1938]: HANGUP after 1.3 from [183.80.176.46]:15814 in tests after SMTP handshake
Aug 29 10:34:16 mx postfix/postscreen[1938]: DISCONNECT [183.80.176.46]:15814
Aug 29 10:35:56 mx postfix/postscreen[1938]: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)
Aug 29 10:36:32 mx postfix/anvil[1969]: statistics: max connection rate 1/60s for (smtpd:50.115.214.72) at Aug 29 10:33:06
Aug 29 10:36:32 mx postfix/anvil[1969]: statistics: max connection count 1 for (smtpd:50.115.214.72) at Aug 29 10:33:06
Aug 29 10:36:32 mx postfix/anvil[1969]: statistics: max cache size 1 at Aug 29 10:33:06
Aug 29 11:00:06 mx postfix/postscreen[2118]: warning: getpeername: Transport endpoint is not connected -- dropping this connection
..

Thanks

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

Don't know what this error exactly mean, it looks like a network issue.
i suggest you ask support in Postfix mailing list instead:
http://www.postfix.org/lists.html

9 Reply by rizim

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Re: Doubt about postscreen

In my opinion there is something to check/change in master.cf - I will investigate on it.

If someone is interested in solving that error

postfix/postscreen[1938]: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)

Here's the solution: (maybe not best one, but it works)

systemctl stop postfix
cd /var/lib/postfix
mkdir -p /var/spool/postfix/var/lib/postfix
mv postscreen_cache.db /var/spool/postfix/var/lib/postfix
ln -s /var/spool/postfix/var/lib/postfix/postscreen_cache.db
systemctl start postfix

10 Reply by mir

  • mir
  • Member
  • Offline
  • Registered: 2014-05-30
  • Posts: 170

Re: Doubt about postscreen

rizim wrote:

postfix/postscreen[1938]: close database /var/lib/postfix/postscreen_cache.db: No such file or directory (possible Berkeley DB bug)

Problem: postfix runs chroot and postscreen does not.

11 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

Our script (tools/enable_postscreen.sh) simply uncomment the line in /etc/postfix/master.cf. so it depends on default settings in Linux/BSD distributions.

12 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

rizim wrote:

Here's the solution: (maybe not best one, but it works)
systemctl stop postfix
cd /var/lib/postfix
mkdir -p /var/spool/postfix/var/lib/postfix
mv postscreen_cache.db /var/spool/postfix/var/lib/postfix
ln -s /var/spool/postfix/var/lib/postfix/postscreen_cache.db
systemctl start postfix

Looks like doesn't work on CentOS 6.
I removed 'postscreen_cache.db` under both /var/lib/postfix and /var/spool/postfix/var/lib/postfix, update master.cf to run postscreen under chroot, send testing email from Gmail, no `postscreen_cache.db` created under /var/spool/postfix/var/lib/postfix.

Could you help test it? just remove 'postscreen_cache.db' under both directories, then restart postfix, check which directory contains the newly created postscreen_cache.db.

13 Reply by rizim

  • rizim
  • Member
  • Offline
  • Registered: 2015-08-27
  • Posts: 9

Re: Doubt about postscreen

No tried on CentOS, sorry.
On Debian 8, works fine.

14 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,787

Re: Doubt about postscreen

rizim wrote:

No tried on CentOS, sorry.
On Debian 8, works fine.

Could you please show me output of command below?

grep 'postscreen' /etc/postfix/master.cf